Certificate Transparency

Better Certificate Monitoring. Improving Website Security.

As the internet continues to sprawl, more and more SSL/TLS certificates are needed to keep data secure. With so many to manage, improperly or maliciously issued certificates can easily slip through the cracks, threatening the stability and security of the entire SSL/TLS ecosystem.

That's why as of October 1, 2017, all public certificates issued will be required to support Certificate Transparency. Learn more about Certificate Transparency and how DigiCert can help you get the most out of this emerging industry standard with our helpful infographic breakdown.

DOWNLOAD PDF

How Certificate Transparency Works

WHO LOGS CERTIFICATES

Certificate Authority (CA)

Authenticates and verifies identity; issues certificate

Website Crawlers

Certificate Authorities

Browser Vendors

Web Users

Anyone

CAs log SSL/TLS certificates as part of issuance process

Third parties seek out, find, and log certificates to promote system transparency

Public Certificate Transparency Log Server

WHO ACCESSES THE LOGS

Business or Domain Owners / IT

Web Browsers & Data Aggregators

Certificate Checkers

Security Professionals and Applications

Key stakeholders and interested parties can easily monitor the logs to quickly identify and mitigate maliciously or mis-issued certificates.

DIGICERT CRYPTOREPORT

Determine Your Certificate Transparency

You can also check for Certificate Transparency in the certificate details. If you are using certificates issued before October 1, 2017, you may need to upgrade, replace or reissue your certificate. If your website is not CT-compliant with logged certificates, users may see warnings in Google Chrome.

If you want to hide the details of your private website, choose 'Root domain names only' when enrolling new certificates. This is covered by the latest version of the Internet Engineering Task Force (IETF) standards but may not be respected by all browsers or Certificate Transparency logs.

SEE THE REPORT

Protect and Manage

Protect Your Digital Brand

Now it's easier for browsers to spot phishing sites and fake certificates, strengthening trust.

Spot Certificate / Identity Issues

Reveal improperly issued certificates by cross-checking them against public logs.

Full DigiCert Support

All DigiCert certificates include CT, and our tools and certificate issuance processes make it easy to support.

Maintain Privacy

DigiCert supports emerging standards to protect the details of internal, private and sensitive domains.

Easy and Simple to Deploy

CT is automatically included in any certificates issued after October 1, 2017, and it's easy to update older certificates.

Increased Trust Online

CT makes it harder for hackers and criminals to weaken consumer trust in SSL/TLS certificates.

TRUST AND VERIFY

DigiCert is leading the industry in support of Certificate Transparency.

CT is standard in all our SSL/TLS certificates. It works like this: Certificate Authorities, such as DigiCert, log new certificates in publicly accessible, tamper-proof registries. Browsers can use these logs to verify certificates, and IT managers can also use them to spot problems, including improperly issued, out-of-policy and rogue certificates.

Check Certificate Transparency for Your Site

Use DigiCert's CryptoReport to look up your domain in public logs, including DigiCert's.

MANAGEMENT TOOLS

SSL/TLS CERTIFICATES

Code Signing Certificates

PARTNER PROGRAMS

TLS/SSL Certificates RENEW

Management Tools

Code Signing Certificates RENEW

Contact Sales

Help Me Choose a Product

CERTIFICATE TRANSPARENCY